<?php

/**
 * 用户登录校验类。
 * 用户登录返回结果补充了4个状态：3、4、5、6；
 */
class UserIdentity extends CUserIdentity
{
	protected $_id;
	const ERROR_EMAIL_INVALID=3;//email不正确；
	const ERROR_STATUS_NOTACTIVE=4;//用户未被激活；
	const ERROR_STATUS_BANNED=5;//此用户已被屏蔽；
	const ERROR_USER_NOT_ADMIN=6;//用户非管理员；
	private $_logintype = 0;//登录方式：-1为测试用，写死；0为用户名；1为email；2为用户名或email；默认为用户名；
	
	/**
	 * 用户登录校验方法。
	 */
	public function authenticate($isAdmin=false, $isRpc=false)
	{
		if($this->_logintype == -1)
		{
			$users=array(
				// username => password
				'demo'=>'demo',
				'admin'=>'admin',
			);
			if(!isset($users[$this->username]))
				$this->errorCode=self::ERROR_USERNAME_INVALID;
			else if($users[$this->username]!==$this->password)
				$this->errorCode=self::ERROR_PASSWORD_INVALID;
			else
				$this->errorCode=self::ERROR_NONE;
			$this->_id=1;
			return !$this->errorCode;
		}
		else
		{
			switch ($this->_logintype)
			{
				case 0:
					$user = User::model()->findByAttributes(array('user_login'=>$this->username));
					break;
				case 1:
					$user = User::model()->findByAttributes(array('email'=>$this->username));
					break;
				case 2:
					$user=User::model()->findByAttributes(array('user_login'=>$this->username));
					if(!is_object($user)) 
						$user=User::model()->findByAttributes(array('email'=>$this->username));
					break;
				default:
					$user = User::model()->findByAttributes(array('user_login'=>$this->username));
					break;
			}
			
			if($user===null)
			{
				if ($this->_logintype == 1) 
				{
					$this->errorCode=self::ERROR_EMAIL_INVALID;
				}
				else 
				{
					$this->errorCode=self::ERROR_USERNAME_INVALID;
				}
			}
			else if(User::hashPassword($this->password,$user->user_salt)!==$user->user_pass)
				$this->errorCode=self::ERROR_PASSWORD_INVALID;
			else if($user->user_status == 0)
				$this->errorCode=self::ERROR_STATUS_NOTACTIVE;
			else if($user->user_status==-1)
				$this->errorCode=self::ERROR_STATUS_BANNED;
			else
			{
				if($isAdmin)//后台控制板登录时需要检查。
				{
					if ($user->authorizer!=1)
					{
						$this->errorCode=self::ERROR_USER_NOT_ADMIN;
						return $this->errorCode;
					}
				}
				$this->_id=$user->uid*1;
				$this->errorCode=self::ERROR_NONE;
				if ($isRpc) {
					$ret['uid'] = $this->_id;
					$ret['msgcode'] = $this->errorCode;
					$ret['msg'] = $this->errorMessage;
					$ret['username'] = $user->user_login;
					$ret['userrank'] = $user->user_rank;
					$ret['userdpt'] = $user->user_dpt;
					$ret['usernicename'] = $user->user_nicename;
					return $ret;
				}
				$this->setState('uid', $this->_id);
				$this->setState('userrank', $user->user_rank);
				$this->setState('userunit', $user->user_unit);
				$this->setState('userdpt', $user->user_dpt);
				$this->username=$user->user_nicename;
				/**
				 * 如果使用PHPauth
				 * 
				$auth=Yii::app()->authManager;
				if(!$auth->isAssigned($user->role,$this->_id))
				{
					if($auth->assign($user->role,$this->_id))
					{
						Yii::app()->authManager->save();
					}
				}
				 */
			}
		}
		return !$this->errorCode;
	}

	public function getId(){
		return $this->_id;
	}
}